<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>

<?php

$emailErr = " ";
$email = " ";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
 if (empty($_POST["email"]))
     {$emailErr = "Email is required";}
   elseif (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",test_input($_POST["email"])))
       
     {
     //$email = test_input($_POST["email"]);
     // check if e-mail address syntax is valid
     
       $emailErr = "Invalid email format";
       
     }
	 else{
	
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="smartinterview"; // Database name
$tbl_name="login_details"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form


// To protect MySQL injection (more detail about MySQL injection)

$sql="SELECT UserEmail FROM $tbl_name";
$con=mysqli_connect("localhost","root","","smartinterview");
$result = mysqli_query($con,$sql);
			 while($row = mysqli_fetch_array($result)){
			if($row['UserEmail'] != $_POST["email"])
			$emailErr = "Email is not registered.Try Again";
			else{
			$subject = "New Password Information"; 
			$email = $_POST["email"]; //user/client email input
			$to = $email;
			$name = "SmartInterview";
			

			$defaultpassword1 = md5(rand(1000,10000));
			$defaultpassword = substr($defaultpassword1, 0, 5);
			$defaultpasswordmd5 = md5($defaultpassword);
			
			$sql1="UPDATE login_details SET UserPassword='$defaultpasswordmd5' WHERE UserEmail='$email'";
            $result1=mysql_query($sql1);
			
			
			
			
			$body = "Please enter $defaultpassword to Log In.";
		
  
         require("data/class.phpmailer.php");
         $mail = new PHPMailer(); 
         $mail->IsSMTP(); // send via SMTP
         $mail->SMTPAuth = true; // turn on SMTP authentication
         $mail->Username = "debajyotidebEC2013@gmail.com"; // SMTP username
         $mail->Password = "basundhara";
         $webmaster_email = "debajyotidebEC2013@gmail.com"; //Reply to this email ID
         $email="$to"; // Recipients email ID
         $name1="SmartInterview"; // Recipient's name
         $mail->From = $webmaster_email;
         $mail->FromName = $name;
         $mail->AddAddress($email,$name1);
         $mail->AddReplyTo($webmaster_email,$name);
         $mail->WordWrap = 10000; // set word wrap
         //$mail->AddAttachment("/var/tmp/file.tar.gz"); // attachment
         //$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // attachment
         $mail->IsHTML(true); // send as HTML
         $mail->Subject = $subject;
         $mail->Body = "<br/>".$body."<br/>"; //HTML Body
         //$mail->AltBody = "asset have been allocated to you"; //Text Body
         if(!$mail->Send())
         {
         echo "Mailer Error: " . $mail->ErrorInfo;
		 exit(0);
         }
         
     $url="loginpage.php?isEmailSuccess=yes&email=$to";
     header("Refresh:0;URL=$url");
     exit(0);	
			 }
	  
	  }
	  }
	  }
function test_input($data)
{
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
     return $data;
}

?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	 <span class="error"> <?php echo $emailErr;?></span>
		Enter your registered e-mail id : <input type="text" name="email"/>
		
	<br/><br/>
										
		<input type="submit" name="findUserName" value="Submit">
		</form>
	</body>
	</html>
	